//> A L C A T R O N . N E T //> Posts

The Australian National Broadband network, is being rolled out full steam ahead, here are some of the differences between FTTB vs FTTP rollout to a building.
FTTB is Fibre to the Basement, and FTTP is Fibre to the Premises, these two terms sound very similar, but are quite different in the way they operate, and may be confusing for you.

To summarize this, here it what it exactly means:

FTTBPhysical – Powered DSLAM device that sits in the basement of the building. This DSLAM works off VDSL2 to the end user.
Speed Residential – It has a maximum speed of UP TO TC4 100/40 – Depending on the copper length from DSLAM to end user as signal will attenuate on longer distance and provide less speed
Speed Business Grade – It has an estimated Traffic Class 2 – TC2 20/20 (Synchronous)

FTTP

Physical – Fibre direct to your premise with a Network Termination Device (NTD) that you connect up to 4 data connections and 2 analogue telephone ports. You can order battery backup on the NTD as well

Redundancy and Flexibility – 4 data ports – meaning up to 4 services from up to 4 carriers can be connected – this can allow for carrier redundancy and also if you wanted to separate your networks on each port using one for each – eg. corporate data/guest wifi/3rd party businesses on each port.

Speed – It has a maximum Speed of TC2 100/100 – Business Grade Service – with high download and upload speeds for corporate application data/video conference/VOIP with guaranteed performance parameters around jitter and lag that many enterprise applications require to run efficiently and without delays, time outs and buffering.

Speed – It also has a range of residential grade (Traffic Class 4 – TC4) speed tiers you can order up to a maximum of TC4 1000/400.

Smoother connection experience with a fibre connection compared to copper based FTTB

Battery Backup on the nbn edge device is available in the event of a power outage

At the moment NBN is delivering FTTB in most places in large apartment buildings, hospitals, etc , but the business can choose for a FTTP delivery instead if they wish to, however this will come with an extra cost which NBN can provide a quote for.

I wanted to try do something on my Cisco ASA to setup incoming IKEV/IPsec/L2TP VPN to allow access to the local LAN and also the internet connection which the ASA Uses. So when a client connects to the VPN, they can access the local lan, as well as the internet connection that sits off from the ASA.

In order to set this up, we have to have something like this going, all performed in enable configuration mode.

Allow VPN Interface “Hairpin” on same interface and access to local LAN/Internet resources

nat (outside,inside) source static VPN VPN

Create a VPN Clients Out ACL, to allow the VPN Client subnet, access from its subnet to any IP address on the outside (in our case the local LANs or internet)

access-list VPN_CLIENTS_OUT extended permit ip object VPN any

Modify the group policy tunnel attributes attached to your tunnel. In my scenario below VPN Clients will use the Cloudflare DNS, utilise the correct ACL for access, allowed IKEV or L2TP protocols, all traffic will be tunneled and no split traffic permitted on client, and the IP address pool will be utilised from our VPNUsers pool

Once the above is implemented, the VPN clients will have access to the Local LAN, and to the Internet connected to the ASA. The above configuration does not take into consideration the complete VPN Tunnel setup, this additional configuration assumes you already have an existing complete tunnel setup.

This took me some time to get working, so I wanted to put some of my research on my blog incase anyone wishes to do the same, feedback welcome 🙂